Subscribe to our Threatpost Today newsletter

Join thousands of people who receive the latest breaking cybersecurity news every day.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

*

*

I agree to my personal data being stored and used to receive the newsletter

*

I agree to accept information and occasional commercial offers from Threatpost partners

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Another iPhone Passcode Bypass Vulnerability Discovered

It’s getting hard to keep track of all the bugs piling up for Apple’s iPhone. Now it seems a glitch in the iOS kernel of Apple’s much maligned iOS 6.1 is responsible for yet another passcode bypass vulnerability, the second to surface this month. Attackers can apparently access users’ photos, contacts and more by following a series of steps on an iPhone running iOS 6.1.

It’s getting hard to keep track of all the bugs piling up for Apple’s iPhone. Now it seems a glitch in the iOS kernel of Apple’s much maligned iOS 6.1 is responsible for yet another passcode bypass vulnerability, the second to surface this month. Attackers can apparently access users’ photos, contacts and more by following a series of steps on an iPhone running iOS 6.1.

Similar to the iPhone’s passcode vulnerability, the exploit involves manipulating the phone’s screenshot function, its emergency call function and its power button. Users can make an emergency call (911 for example) on the phone and then cancel it while toggling the power on and off to get temporary access to the phone. A video posted by the group shows a user flipping through the phone’s voicemail list and contacts list while holding down the power button. From there an attacker could get the phone’s screen to turn black before it can be connected to a computer via a USB cord. The device’s photos, contacts and more “will be available directly from the device hard drive without the pin to access,” according to the advisory.

The first half of the exploit borrows heavily from last week’s vulnerability – and the Lab notes this in the caption of the video that documents its proof of concept (“already release by other researcher”). It’s the second bypass – which can be achieved by holding down the power button, the screenshot button and the emergency button – that’s interesting; as it makes the phone’s screen, minus the top bar, go black. From there it can be plugged into a computer and the information can be harvested via iTunes from the phone’s hard drive with read/write access. In the accompanying video, the phone’s images and address book can be viewed on a PC without the user having to enter the phone’s passcode thanks to iTunes’ iPhone sync function.

Apple updated iOS 6.1 to 6.1.2 earlier this week but failed to address the recent passcode bug, instead opting to patch an Exchange calendar bug that had long affected users’ phone’s network activity and battery.

Last week representatives from Apple told Wall Street Journal’s AllThingsD they were aware of the first passcode bug and were developing a fix for “a future software update.”

This is getting ridiculous -- physical access to the iPhone is required so, unless you voluntarily hand over your phone or it is lost/stolen and falls into the hands of someone with a lot of dexterity, this whole thing is a non-issue.

What is really sad is that someone is either employed, or has too much time, to sit and test conbinations of button presses. Given the choice of playing with myself and exercising my weaker arm or trying to hack into my iPhone, I'd prefer to exercise my arm.

Yeah, as Anonymous 4:58am says "physical access to the iPhone is required so, unless you voluntarily hand over your phone or it is lost/stolen and falls into the hands of someone with a lot of dexterity, this whole thing is a non-issue."

The telecom confirmed the 2nd vulnerability also and reproduced them today. I am shocked and impressed by this guy because he is an aweesome hacker. I reproduced both bugs and was not connected ago with my mobile to sync. Very cool method to bypass and i hope apple close this issue as fast as possible.

Authors

Threatpost

InfoSec Insider Post

InfoSec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Post

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.